"This exploit worked flawlessly against Adobe Reader 9.3 despite DEP
being enabled. (For those who didn't know, Adobe Reader 9 enables DEP
"permanently".)..."

"What I found was that several function tails were being used to create a
hunk of memory that was not protected by DEP. After this was created, a
bit more ROP (return oriented programming) was used to accomplish a
"memcpy" of a small loader stub to this memory and execute it.

You might be asking yourself, "Great, but why do we care?" ... Well, AFAIK
(feel free to comment), this is the first public exploit that uses
multiple tail chunks to completely bypass permanent DEP. It certainly
gives me a bit of chill to see this coming from a maliciously
circulating document..." - jduck

More from blog.metasploit.com

"A hacker by the nick of villy
made a Python script that will create a PDF that will launch
calc.exe on a WinXP SP2 Box with the most up-to-date version of Adobe
Reader installed even with Java turned off.

After playing with it we replaced the shellcode with a Windows
Reverse Shell and then tried it on a fully patched system! BAM – Shell
again.

We took the PDF file and uploaded it to Virus Total and an amazing
0/42 was returned and that is before we even used Shikata Ga Nai to
encode it." - loganWHD

More from social-engineer.org

Malware samples are available for download by any responsible whitehat researcher. By downloading the samples, anyone waives all rights to claim punitive, incidental and consequential damages resulting from mishandling or self-infection.